Detections
Analytics

MiracleLinux 3 : NetworkManager-0.7.0-4.1AXS3 (AXSA:2009-222:01)

high Nessus Plugin ID 284497

Synopsis

The remote MiracleLinux host is missing one or more security updates.

Description

The remote MiracleLinux 3 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2009-222:01 advisory.

 NetworkManager attempts to keep an active network connection available at all times. It is intended only for the desktop use-case, and is not intended for usage on servers. The point of NetworkManager is to make networking configuration and setup as painless and automatic as possible. If using DHCP, NetworkManager is intended to replace default routes, obtain IP addresses from a DHCP server, and change nameservers whenever it sees fit.
 Fixed bugs:
 CVE-2009-0365 nm-applet.conf in GNOME NetworkManager before 0.7.0.99 contains an incorrect deny setting, which allows local users to discover (1) network connection passwords and (2) pre-shared keys via calls to the GetSecrets method in the dbus request handler.
 CVE-2009-0578 GNOME NetworkManager before 0.7.0.99 does not properly verify privileges for dbus (1) modify and (2) delete requests, which allows local users to change or remove the network connections of arbitrary users via unspecified vectors related to org.freedesktop.NetworkManagerUserSettings and at_console.
 Other bugs:
 - Moved libnm-util.so.* to glib package from main package, so glib package will not require main package.

Tenable has extracted the preceding description block directly from the MiracleLinux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected NetworkManager-glib package.

See Also

https://tsn.miraclelinux.com/en/node/860

Plugin Details

Severity: High

ID: 284497

File Name: miracle_linux_AXSA-2009-222.nasl

Version: 1.1

Type: local

Published: 1/14/2026

Updated: 1/14/2026

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.1

Vendor

Vendor Severity: High

CVSS v2

Risk Factor: Medium

Base Score: 6.2

Temporal Score: 5.1

Vector: CVSS2#AV:L/AC:L/Au:S/C:N/I:C/A:C

CVSS Score Source: CVE-2009-0578

CVSS v3

Risk Factor: High

Base Score: 7.1

Temporal Score: 6.6

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:miracle:linux:3, p-cpe:/a:miracle:linux:networkmanager-glib

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/MiracleLinux/release, Host/MiracleLinux/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 8/4/2009

Vulnerability Publication Date: 3/3/2009

Exploitable With

CANVAS (CANVAS)

Reference Information

CVE: CVE-2009-0365, CVE-2009-0578